Package: fakechroot Version: 2.20.1+ds-17 Severity: wishlist Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu plucky ubuntu-patch
Dear Maintainer, Fakechroot in Ubuntu is affected by[1] due to FORTFY_SOURCE enabled[2]. The autopkgtests fails due to the public key not known[3]: 85s Get:1 http://deb.debian.org/debian unstable InRelease [202 kB] 85s Err:1 http://deb.debian.org/debian unstable InRelease 85s The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 85s Reading package lists... 85s W: GPG error: http://deb.debian.org/debian unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 85s E: The repository 'http://deb.debian.org/debian unstable InRelease' is not signed. 85s E: apt-get update --error-on=any -oAPT::Status-Fd=<$fd> -oDpkg::Use- Pty=false failed 85s W: hooklistener errored out: E: received eof on socket In Ubuntu, the attached patch was applied to achieve the following: * d/p/0001-properly-pass-buffer.patch: apply proposed patch to resolve the buffer overflow (LP: #2087810). * d/t/{control, mmdebstrap}: fix autopkgtest - use debian-archive-keyring for mmdebstrap keyring arguments. Thanks for considering the patch. [1] https://github.com/dex4er/fakechroot/issues/114 [2] https://bugs.launchpad.net/ubuntu/+source/fakechroot/+bug/2087810 [3] https://autopkgtest.ubuntu.com/results/autopkgtest-plucky- vpa1977-plusone/plucky/ppc64el/f/fakechroot/20241112_120709_6d30c@/log.gz -- System Information: Debian Release: trixie/sid APT prefers noble-updates APT policy: (500, 'noble-updates'), (500, 'noble-security'), (500, 'noble'), (100, 'noble-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.8.0-48-generic (SMP w/32 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
diff -Nru fakechroot-2.20.1+ds/debian/patches/0001-properly-pass-buffer.patch fakechroot-2.20.1+ds/debian/patches/0001-properly-pass-buffer.patch --- fakechroot-2.20.1+ds/debian/patches/0001-properly-pass-buffer.patch 1970-01-01 12:00:00.000000000 +1200 +++ fakechroot-2.20.1+ds/debian/patches/0001-properly-pass-buffer.patch 2024-11-11 14:05:23.000000000 +1300 @@ -0,0 +1,62 @@ +From 15479d9436b534cee0115064bd8deb8d4ece9b8c Mon Sep 17 00:00:00 2001 +From: Yorick van Pelt <yor...@yorickvanpelt.nl> +Date: Sat, 25 Nov 2023 15:34:40 +0100 +Subject: [PATCH] __readlink_chk, __readlinkat_chk: properly pass buffer length +Bug: https://github.com/dex4er/fakechroot/issues/114 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/fakechroot/+bug/2087810 +Origin: https://github.com/yorickvP/fakechroot/commit/15479d9436b534cee0115064bd8deb8d4ece9b8c + +Fixes https://github.com/dex4er/fakechroot/issues/114 +--- + src/__readlink_chk.c | 8 +++++++- + src/__readlinkat_chk.c | 8 +++++++- + 2 files changed, 14 insertions(+), 2 deletions(-) + +--- a/src/__readlink_chk.c ++++ b/src/__readlink_chk.c +@@ -25,6 +25,7 @@ + #define _FORTIFY_SOURCE 2 + #include <stddef.h> + #include <unistd.h> ++#include <stdio.h> + #include "libfakechroot.h" + + +@@ -41,7 +42,12 @@ + debug("__readlink_chk(\"%s\", &buf, %zd, %zd)", path, bufsiz, buflen); + expand_chroot_path(path); + +- if ((linksize = nextcall(__readlink_chk)(path, tmp, FAKECHROOT_PATH_MAX-1, buflen)) == -1) { ++ if (__builtin_expect(!!(bufsiz > buflen), 0)) { ++ printf("readlink: prevented write past end of buffer\n"); ++ exit(-1); ++ } ++ ++ if ((linksize = nextcall(__readlink_chk)(path, tmp, FAKECHROOT_PATH_MAX-1, FAKECHROOT_PATH_MAX-1)) == -1) { + return -1; + } + tmp[linksize] = '\0'; +--- a/src/__readlinkat_chk.c ++++ b/src/__readlinkat_chk.c +@@ -26,6 +26,7 @@ + #define _FORTIFY_SOURCE 2 + #include <stddef.h> + #include <unistd.h> ++#include <stdio.h> + #include "libfakechroot.h" + + +@@ -42,7 +43,12 @@ + debug("__readlinkat_chk(%d, \"%s\", &buf, %zd, %zd)", dirfd, path, bufsiz, buflen); + expand_chroot_path_at(dirfd, path); + +- if ((linksize = nextcall(__readlinkat_chk)(dirfd, path, tmp, FAKECHROOT_PATH_MAX-1, buflen)) == -1) { ++ if (__builtin_expect(!!(bufsiz > buflen), 0)) { ++ printf("readlinkat: prevented write past end of buffer\n"); ++ exit(-1); ++ } ++ ++ if ((linksize = nextcall(__readlinkat_chk)(dirfd, path, tmp, FAKECHROOT_PATH_MAX-1, FAKECHROOT_PATH_MAX-1)) == -1) { + return -1; + } + tmp[linksize] = '\0'; diff -Nru fakechroot-2.20.1+ds/debian/patches/series fakechroot-2.20.1+ds/debian/patches/series --- fakechroot-2.20.1+ds/debian/patches/series 2024-04-15 04:20:07.000000000 +1200 +++ fakechroot-2.20.1+ds/debian/patches/series 2024-11-11 14:05:23.000000000 +1300 @@ -12,3 +12,4 @@ 0012-test-touch.inc.sh-use-testtree-variable.patch 0013-symlink.t-also-test-lutimes-if-available-as-well-as-.patch 0014-wrap-__lutimes64-for-glibc-2.37.patch +0001-properly-pass-buffer.patch diff -Nru fakechroot-2.20.1+ds/debian/tests/control fakechroot-2.20.1+ds/debian/tests/control --- fakechroot-2.20.1+ds/debian/tests/control 2024-04-15 04:20:07.000000000 +1200 +++ fakechroot-2.20.1+ds/debian/tests/control 2024-11-11 14:05:23.000000000 +1300 @@ -1,4 +1,4 @@ # depend on libc-bin to make sure that this test gets run on every glibc upload Tests: mmdebstrap -Depends: mmdebstrap, fakechroot, fakeroot, libc-bin +Depends: mmdebstrap, fakechroot, fakeroot, libc-bin, debian-archive-keyring Restrictions: needs-root, allow-stderr diff -Nru fakechroot-2.20.1+ds/debian/tests/mmdebstrap fakechroot-2.20.1+ds/debian/tests/mmdebstrap --- fakechroot-2.20.1+ds/debian/tests/mmdebstrap 2024-04-15 04:20:07.000000000 +1200 +++ fakechroot-2.20.1+ds/debian/tests/mmdebstrap 2024-11-11 14:05:23.000000000 +1300 @@ -8,16 +8,15 @@ # change to temporary directory to not interfere with the source cd "$AUTOPKGTEST_TMP" - ret=0 # variants important and standard differ because permissions drwxr-sr-x # and extended attributes of ./var/log/journal/ cannot be preserved # in fakechroot mode for variant in essential apt minbase buildd; do - mmdebstrap --variant=$variant --mode=root unstable root.tar + mmdebstrap --variant=$variant --keyring=/usr/share/keyrings/debian-archive-keyring.gpg --mode=root unstable root.tar touch fakechroot.tar chown "$AUTOPKGTEST_NORMAL_USER" fakechroot.tar - runuser -u "$AUTOPKGTEST_NORMAL_USER" -- mmdebstrap --variant=$variant --mode=fakechroot unstable fakechroot.tar + runuser -u "$AUTOPKGTEST_NORMAL_USER" -- mmdebstrap --keyring=/usr/share/keyrings/debian-archive-keyring.gpg --variant=$variant --mode=fakechroot unstable fakechroot.tar cmp root.tar fakechroot.tar || ret=$((ret+$?)) rm root.tar fakechroot.tar done
